Banking Newsletter - December 2013

In this edition we cover social media risks, customer value proposition in a digital age, dividend washing, major banks and mutuals 2013 performance.

Banking Newsletter

Banking Newsletter back-issues

View previous issues of KPMG's Banking Newsletter.

Banking Newsletter - December 2013

Operational Risk: A balancing act 

What’s the biggest risk that might hit your business?

Internal or external fraud? Workers compensation? Market manipulation or product defects? Natural disasters or terrorism? Utility disruptions or software/hardware failures? Failed mandatory reporting or accounting errors?

Perhaps even a combination of any of them? Could you react quickly and decisively if it happened?

Barings Bank in 1995 couldn’t. JP Morgan wasn’t able to after the Enron scandal. Nor was Société Générale in 2008 when they lost 4.9 billion Euro.

Operational risk, as defined by the Basel Accord (Basel II) is “the risk of loss resulting from inadequate or failed internal processes, people, and systems or from external events.”

This is what many banks around the world and in Australia are proactively considering through their own Operational Risk scenario analysis. That by utilising this technique, senior managers can systematically consider the risks of potentially extreme (yet plausible) events and better determine their organisation’s ability to manage them.

Importantly, they are trying to find the right balance between:


  • risk management – the organisational response to risks through management actions and the process of change to better address actual or potential risk exposures, and is often driven ‘bottom-up’
  • risk measurement – focused on determining the potential costs of strategic and emerging risks, is closely linked to regulatory and risk-appetite, is less susceptible to bias and is often centrally-defined (‘top down’).

This highlights how scenario analysis has typically focused on group-driven ‘top-down’ measurement models or business-driven ‘bottom-up’ management models. But recent work by KPMG Australia, and a study KPMG Global in conjunction with ORX, has identified common building blocks and better practices for scenario analysis.

This linking of management and measurement is essential in developing scenarios that not only engage and make sense to management, but that fit the current business environment and concerns.

Today, however, banks utilise a number of scenario analysis methods depending on, for example, their circumstances or regulatory influence. This can lead to results that are difficult to objectively measure with any accuracy – especially when combined with bank-specific factors, including size, geography, business model, product offerings and regional legislation and regulation.

A common approach can help them better gauge the relative maturity of their risk scenario processes.

This approach utilises several high-level building blocks:


  • Governance – that the scenario analysis has support and buy-in from all relevant stakeholders
  • Preparation – that everyone fully understands the objective of the exercise and the details of the scenario
  • Assessment – that a relevant team is assembled who can effectively estimating frequency and severity parameters for each scenario
  • Validation – that the results are consistently and defensibly estimated with a systematic validation approach
  • Reporting – that results are periodically reported to all appropriate groups.


Each of these building blocks is, in turn, made up of components that can be separately described and evaluated. All of which, when closely considered, enable banks to better assemble the right data, estimate their ability to manage risks, and determine the amount and type of loss that may occur.

By tightly aligning risk management and risk measurement, banks can strengthen the value of their scenario analysis and be better prepared for the unexpected.

Mike Ritchie

Partner in Charge, Financial Risk Management

+61 2 9335 8251

Share this

Share this

 In this issue

Managing risk and complexity

Managing risk and complexity
Managing risk and complexity is a challenge to most boards and business executives.

Expectations of Risk Management Outpacing Capabilities: It's Time for Action

Expectations of Risk Management Outpacing Capabilities: It's Time for Action
The survey explores how effectively companies are integrating a holistic governance, risk and compliance (GRC) framework throughout the enterprise.

Financial Risk Management

KPMG’s Financial Risk Management group assists organisations to reinforce and enhance their in-house risk management and compliance resources.